安装后在 / root 目录下没有发现有. mysql_secret 这个文件,所以没有没法按照官方文档上说的那样使用,这里记录下,
解决方式:
- 首先修改MySQL授权登录方式---(跳过授权验证方式启动MySQL):[root@test ~]# mysqld_safe --skip-grant-tables &
- [1]3401
- [root@test ~]#2016-05-19T12:47:56.564385Z mysqld_safe Logging to'/var/log/mysqld.log'.
- 2016-05-19T12:47:56.589376Z mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql检查MySQL启动情况[root@test~]#ps-ef |grep mysql
- root 3401 2880 0 20:47pts/1 00:00:00/bin/sh/usr/bin/mysqld_safe --skip-grant-tables
- mysql 3548 3401 0 20:47pts/1 00:00:00/usr/sbin/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --user=mysql --skip-grant-tables --log-error=/var/log/mysqld.log --pid-file=/var/run/mysqld/mysqld.pid --socket=/var/lib/mysql/mysql.sock
- 这时登录MySQL不再需要验证[root@test ~]# mysql
- 切换到mysql系统库:mysql> usemysql;修改root账户登录密码:mysql> update user setpassword=password('')where user='root';
- ERROR 1054(42S22): Unknowncolumn 'password' in 'field list'
- ---报错没有password这个数据字段列
- 描述user表mysql> desc user;
- ...
- |authentication_string| text |YES| | NULL | |
- |password_expired|enum('N','Y')|NO| |N| |
- |password_last_changed| timestamp |YES| | NULL | |
- |password_lifetime| smallint(5) unsigned|YES| | NULL | |
- |account_locked|enum('N','Y')|NO| |N| |
- +------------------------+-----------------------------------+------+-----+-----------------------+-------+
- ---没发现password列,但是找到这5个跟密码相关的数据字段
- 查询一下相关的密码信息:mysql> select user,host,authentication_string,password_expiredfrom user;
- +-----------+-----------+-------------------------------------------+------------------+
- | user |host|authentication_string|password_expired|
- +-----------+-----------+-------------------------------------------+------------------+
- |root|localhost| *9AA01F6E2A80A823ACB72CC07337E2911404B5B8|Y|
- |mysql.sys|localhost| *THISISNOTAVALIDPASSWORDTHATCANBEUSEDHERE|N|
- +-----------+-----------+-------------------------------------------+------------------+
- ---到这里不难发现root账户的密码已过期,还比5.6多出了一个mysql.sys用户
- 修改密码mysql> update user setauthentication_string=password('123abc')where user='root';
- Query OK, 1row affected (0.00 sec)
- Rows matched: 1Changed:1Warnings:0
- mysql>flushprivileges;
- Query OK, 0rows affected (0.00 sec)
- mysql> exit
- 重启MySQL:[root@test ~]#/etc/init.d/mysqld restart登录测试:[root@test ~]# mysql-p
- Enter password:
- Welcome to the MySQL monitor. Commands end with ; or \g.
- Your MySQL connection idis3
- Server version: 5.7.12-enterprise-commercial-advanced
- ...
- mysql> show databases;
- ERROR 1820(HY000): You must reset your password usingALTER USERstatement before executing this statement.---报错,需要使用alter user 修改密码mysql> alter userroot@'localhost'identifiedby 'Oracle';
- ERROR 1819(HY000): Your password doesnotsatisfy thecurrentpolicy requirements---报错,密码不满足制定的密码负责度要求mysql> alter user 'root'@'localhost'identifiedby 'Abc!123D';
- Query OK, 0rows affected (0.01 sec)
- mysql> show databases;
- +--------------------+
- | Database |
- +--------------------+
- |information_schema|
- |mysql|
- |performance_schema|
- |sys|
- +--------------------+
- 4rowsin set(0.00sec)
- mysql> SHOW VARIABLES LIKE 'validate_password%';
- +--------------------------------------+--------+
- |Variable_name|Value|
- +--------------------------------------+--------+
- |validate_password_dictionary_file| |
- |validate_password_length| 8 |
- |validate_password_mixed_case_count| 1 |
- |validate_password_number_count| 1 |
- |validate_password_policy|MEDIUM|
- |validate_password_special_char_count| 1 |
- +--------------------------------------+--------+
- 6rowsin set(0.02 sec)
- mysql> showplugins;+----------------------------+----------+--------------------+----------------------+-------------+
- |Name|Status|Type|Library|License|
- +----------------------------+----------+--------------------+----------------------+-------------+
- |binlog|ACTIVE|STORAGE ENGINE| NULL |PROPRIETARY|
- ...
- | validate_password | ACTIVE |VALIDATE PASSWORD|validate_password.so|PROPRIETARY|
- +----------------------------+----------+--------------------+----------------------+-------------+
- ---可以通过在配置文件[mysqld]标签中添加 validate_passwor=off ,来关闭密码策略
- 如下:
- ...
- | validate_password | DISABLED |VALIDATE PASSWORD|validate_password.so|PROPRIETARY|
- +----------------------------+----------+--------------------+----------------------+-------------
1) 安装好 mysql 后,第一次启动时,root 管理密码会在 / root/.mysql_secret 中随机生成
2) 至 5.7 后,MySQL 的 mysql.user 表中的密码字段由之前的 password 改为 authentication_string
3) 使用 --skip-grant-tables 参数启动,跳过 MySQL 的授权验证,--skip-networking 参数,跳过远程登录
4) 修改 MySQL 密码方式:
法 1:update user set authentication_string=password('123abc') where user='root';
法 2:set password=password('newpassword');
法 3:alter user root@'localhost' identified by 'oracle';
法 4:在 shell 下使用 MySQL 工具:mysqladmin -uroot-poldpassword pasword "newpassword"
5) 关于 MySQL 密码策略:
--validate-password=ON/OFF/FORCE/FORCE_PLUS_PERMANENT
决定是否使用该插件 (及强制 / 永久强制使用)
validate_password_dictionary_file > 插件用于验证密码强度的字典文件路径。validate_password_length > 密码最小长度。validate_password_mixed_case_count > 密码至少要包含的小写字母个数和大写字母个数。validate_password_number_count> 密码至少要包含的数字个数。validate_password_policy > 密码强度检查等级,0/LOW、1/MEDIUM、2/STRONG。validate_password_special_char_count > 密码至少要包含的特殊字符数。其中关于 validate_password_policy - 密码强度检查等级:
0/LOW> 只检查长度。1/MEDIUM > 检查长度、数字、大小写、特殊字符。2/STRONG > 检查长度、数字、大小写、特殊字符字典文件。经过一段时间后,发现 mysql 初始密码原来被记录到了日志文件中
- 查找日志位置 [root@test /
- var / lib / mysql]#ps - ef | grep mysql root 5604 1 0 22 : 40 pts / 1 00 : 00 : 00 / bin / sh / usr / bin / mysqld_safe--datadir = /var/lib / mysql--socket = /var/lib / mysql / mysql.sock--pid - file = /var/run / mysqld / mysqld.pid--basedir = /usr --user=mysql
- mysql 5802 5604 5 22:40 pts/1 00 : 00 : 00 / usr / sbin / mysqld--basedir = /usr --datadir=/
- var / lib / mysql--plugin - dir = /usr/lib64 / mysql / plugin--user = mysql--log - error = /var/log / mysqld.log--pid - file = /var/run / mysqld / mysqld.pid--socket = /var/lib / mysql / mysql.sock root 5837 2880 0 22 : 40 pts / 1 00 : 00 : 00 grep--color mysql藏在日志文件中的临时密码 [root@test /
- var / lib / mysql]#grep "A temporary password" /
- var / log / mysqld.log 2016 - 05 - 17T16: 46 : 53.059632Z 1[Note] A temporary password is generated
- for root@localhost: +wGVA#to(4tu
来源: http://www.linuxidc.com/Linux/2017-05/143692.htm